Re: stoping net scans
Hello,
On Sat, Apr 12, 2003 at 11:50:10AM -0500, Jos? A. Guzm?n wrote:
> Is there a tool (log monitoring or otherwise) that effectively blocks incoming
> port scans (maybe interacting with iptables)?.
A properly configured firewall.
> What are you guys using to block incoming port scans?
See above.
The best thing to do is to set up a "statefull" firewall,
meaning, any outgoing packet originating from you will be
allowed back in (ie also known as "reflexive" rules).
I regret that I don't have any examples on hand, good luck ;)
--
+--------------------------------------------------------------+
| Welat xwe ava nake, dest bidin hevdu, pist nedin tu dijminî |
| Riya azadiyê ne hêsan e, hêviya xwe bernedin, dema me |
| nêzîk e. |
| |
| Hevaltî bi kesên du rû nekin, hevaltî bi hevdu ra bikin |
| Ne ji hevaltiya wan kesên pêxwas û rû dirêj, ne bi wan |
| kesên xwînperest, ne jî ji yên din. |
| |
| -Sêrêciya Kurdistanî |
+--------------------------------------------------------------+
translation provided on request: sereciya@kurdistan.ath.cx
Reply to: